ScanMalware.com

Security Scan Report: ww16.gvg-koeln.de

Redirected to: http://resultearchnow.com/?dn=gvg-koeln.de&sksubid=180662&_slsen=1

Site favicon
Submitted: Feb 17, 2026, 3:00:48 PMCompleted: Feb 17, 2026, 3:02:41 PMpubliccompleted
Loading additional data...

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 13 HTTP transactions. The main domain is resultearchnow.com and was registered NaN years ago.

Submitted URL: http://ww16.gvg-koeln.de/?sub1=20260218-0200-4773-9003-8241d2660a84

Effective URL: http://resultearchnow.com/?dn=gvg-koeln.de&sksubid=180662&_slsen=1Redirected

AI Security Verdict

Moderate Risk

Confidence: 85%

4
Risk Score

Suspicious domain‑sale page with redirects; safe to view but avoid interacting or providing data.

Risk Factors
Circular redirect
New domain (<90 days old)
Multiple redirects (6)
Unranked domain (not in top 1M)
Non‑HTTPS (http) connection
Safety Factors
No credential or payment forms present
No malicious Indicators of Compromise matches found
No JavaScript malware patterns detected
Content appears to be a simple domain sale notice
Static page with no interactive elements
Domain age information unavailable

Details

Page Title

N/A

Scan Type

public

Language

🏳️

UNKNOWN

(0% confidence)

Category

unknown

(0%)

Domain Information

Domain 'ww16.gvg-koeln.de' uses the German country-code top-level domain (.de) with subdomain 'ww16'. Count 9 characters in 'gvg-koeln' containing 2 vowels alongside 6 consonants, notching 1 hyphen. Word splitting yields five words: g, vg, ko, el, n. Median word length comes out to 2 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://ww16.gvg-koeln.de/?sub1=20260218-0200-4773-9003-8241d2660a84

Page Load Overview

4.94s
Total Load Time
13
HTTP Requests
5
Domains
15 KB
Total Size

Language Analysis

Primary Language

🏳️UNKNOWN
Code: unknown
Confidence:0%

Detection Details

Language Code:unknown
Detection Confidence:0%
0
Detector Agreement:0%

Website Classification

Primary Category

unknown0% confidence
Type: static
Method: structural

All Detected Categories

No categories detected

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
2172.67.183.137United States
AS13335Cloudflare, Inc.
2199.191.50.11British Virgin Islands
AS40034Confluence Networks Inc
264.190.63.136Germany
AS47846SEDO GmbH
2205.234.175.175United States
AS30081CacheFly
2188.114.97.4United States
AS13335Cloudflare, Inc.
135--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1EB52E768553049003ADD1A83DEBD6ED6160A1E23BC8C1D2D75DE2BC1F2DE5AF7C118BA

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:PjNRyayyVoyCJKFGtv8RQ8+f7yV6u7TEEMami4J7tK9LGAvryV6u7TEEMami4J7Y:fKR2QZfDdnii7c9yAvTdnii7c5UBa

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:13804:QoFDQUQgQgwBMVCCBmkEQhlCYIQCsiYBrAimfjYAsshChLW0EA8gAGIIQKQEKKKAIYDJwqJAKBRjhwJIQPMZImKgCCXWCOwy

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00e7f7f75a181000
Perceptual Hash:e4b11b0a1b4ebbac
Difference Hash:71969686b6b2a692
Wavelet Hash:18e7fff7db181000
Color Hash:#87c595

Other Hashes

Crop Resistant:71969686b6b2a692

Scan History

Scan history not available

Unable to load historical scan data